Experts talking about the security strategy of cloud computing environment

Source: Internet
Author: User
Keywords Cloud computing security
External networks that use cloud computing environments can gain the benefits of offsite storage backups, but at the same time pose some dangers: viruses, spam, malware, and identity thieves are some of the threats you might face. CIO channel weekly Hot "dot" article how does the CIO resolve the IT team interpersonal conflict? Hold on and give up: How should CIOs decide how to reshape government CIO functions? Challenges faced by CIOs in the 2009 and coping strategies three lessons I experienced in the strategic transition story away from CEO "intuitive decision" CIO how to seize the opportunity? Sharing data with outside service providers is at risk, but there are some security benefits, according to Eranfeigenbaum, the company's security director for apps. While many companies now allow cloud computing service providers access to their data, "It's a big benefit to just share documents, not share the entire infrastructure." Trebryan, chief executive of Opsource, added: "You don't have to figure out multiple security areas because there's only one positive connection." "The company provides data management and backup services for software services (SaaS) and internet companies." Below, the experts describe how to secure the cloud computing environment. First, focus on what's Open cloud computing service provider Salesforce warns against opening suspicious e-mail messages at its trusted site. This is a simple truth, but many people have failed to follow the advice. Also pay attention to suspicious links. Balding suggested that the provider should be asked about the incident response mechanism. He says providers should be able to help in case anyone tries to invade. You also have to ask if the provider will not mirror your machine, or it must be done by yourself. Craigbalding is the head of technology security at Fortune 500, and has a blog about cloud computing security. He suggests that if you open the file, make sure that network access is encrypted. Amazon does not provide data encryption services for its Web services business, he notes. Salesforce.com recommends two-factor authentication techniques such as RSA tokens or smart cards at their trusted sites. Second, protect cloud API Key Balding reminder, you need to ensure your own cloud API (application programming Interface) key security. He said: "If someone gets your access key, you can access all your data." The provider is required to provide you with a multiple key to protect each group of data in different risk categories. He also suggested that production data should be placed in one account and that development data should be placed in another account. This, he says, would reduce the risk of people breaking into insecure development machines. Third, how much to pay the use of balding recommendations, in order to avoid competitors accumulate arrears, how much cloud services, how much to pay the cost. "It is necessary to set thresholds if the volume of usage increases dramatically," he said. "Iv. copy data Google's FEigenbaum emphasizes the importance of replicating data across multiple data centers. For example, in the event of a disaster in the northeast, data can still be accessed from other regions. Feigenbaum said: "If there is a disaster in the northeast, such as a snowstorm, resulting in power outages, you can still access your data from another data center, no one knows what's behind this." "Five, enhance endpoint reliability" The cloud computing concept is to put as little data as possible on endpoint devices, Feigenbaum said. Securing the endpoint device is difficult--it's tantamount to putting security in the hands of the user. The Federal Bureau of Investigation (FBI) claims that for the 12 months it was bought, up to 10% stolen laptops. Although USB keys are easy to use, they are easily lost. "Don't ignore the security of the client," Joe Krause, director of product management at Trustwave, the information security consulting firm, advises. "Vi. Ensuring that data transactions comply with relevant regulations and certifications Opsource Ryan suggests that transactions involving credit cards should conform to the payment card industry (PCI) data security standards. He explained: "If our system does not meet the PCI standards, the system will have problems, the Internet data will not be a security transaction." "In a corporate environment, companies should comply with the SaaS70 security agreement," says Ryan. At the same time, if medical data were to be transmitted within the cloud computing environment, health-care companies would have to comply with the regulations governing the portability and Accountability of Health Insurance Act (HIPAA). Vii. understanding of vulnerability management Trustwave's Krause says the provider needs to be able to manage security vulnerabilities that some of the data affects many customers. "A loophole could lead to the exposure of key assets for many customers," Krause said. Cloud providers must be able to demonstrate that they recognize the security vulnerabilities of the cloud computing environment; "Viii. Maintenance forensics logs and blog Krause said providers need to be aware of where their customers ' data is. "There is a way to track audit trails and to know where the data is," he said. He says forensics logs and Web logs can do the job. Balding advises: "Turn on logging so you can understand how people use your services in a cloud computing environment." That way, you might find some attacks. If the log function is not turned on, no malicious content or hacker attempt can be found. "Also contact the IT department to see if the rest of the company has purchased a cloud computing service because if they have already purchased the service, there may be a security risk." Balding said he wanted to consult with the finance Department to see who else in the company had bought the service. He said that if the same information appeared two times in the cloud computing environment, it would endanger the company.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.